PT-2016-1843 · Openssl+9 · Openssl+12

David Benjamin

+2

·

Published

2016-05-03

·

Updated

2025-09-25

·

CVE-2016-2108

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1o OpenSSL versions prior to 1.0.2c
Description The issue is caused by a buffer overflow in the ASN.1 implementation, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted ANY field in serialized data. This can lead to memory corruption. The vulnerability is related to the misinterpretation of large universal tags as negative zero values in ANY structures.
Recommendations For versions prior to 1.0.1o, update to version 1.0.1o or later. For versions prior to 1.0.2c, update to version 1.0.2c or later. As a temporary workaround, consider restricting the use of the d2i ASN1 TYPE function until a patch is available. Avoid deserializing untrusted ASN.1 structures containing an ANY field to minimize the risk of exploitation.

Exploit

Fix

RCE

DoS

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2016-1439
BDU:2016-01176
CESA-2016_0722
CESA-2016_0996
CVE-2016-2108
DLA-456-1
DSA-3566-1
OPENSUSE-SU-2016_1238-1
OPENSUSE-SU-2016_1240-1
OPENSUSE-SU-2016_1241-1
OPENSUSE-SU-2016_1242-1
OPENSUSE-SU-2016_1243-1
OPENSUSE-SU-2016_1273-1
RHSA-2016:0722
RHSA-2016:0996
RHSA-2016:1137
RHSA-2016:2073
RHSA-2016_0722
RHSA-2016_0996
RHSA-2016_1137
RHSA-2017:0193
RHSA-2017:0194
SUSE-SU-2016:1206-1
SUSE-SU-2016:1228-1
SUSE-SU-2016:1231-1
SUSE-SU-2016:1233-1
SUSE-SU-2016:1267-1
SUSE-SU-2016:1290-1
SUSE-SU-2017:0461-1
SUSE-SU-2017:0495-1
SUSE-SU-2017:0585-1
SUSE-SU-2017:0601-1
SUSE-SU-2017:0605-1
SUSE-SU-2017:2699-1
SUSE-SU-2017:2700-1
SUSE-SU-2018:0112-1
USN-2959-1

Affected Products

Alt Linux
Centos
Cisco Asa
Cisco Ios Xr
Cisco Nexus
Cisco Wls
Huawei Vrp
Ibm Aix
Junos
Openssl
Red Hat
Suse
Ubuntu